From 656d6d251e88a6e139869f3e244c23a3ad91eeea Mon Sep 17 00:00:00 2001 From: Christian Bundy Date: Tue, 22 Sep 2020 05:49:40 -0700 Subject: [PATCH] Add crypto_auth (#32) * add crypto_auth_hmac methods --- crypto_auth.js | 35 +++++++++++++++++++++++++++++++++++ index.js | 1 + package.json | 4 ++-- 3 files changed, 38 insertions(+), 2 deletions(-) create mode 100644 crypto_auth.js diff --git a/crypto_auth.js b/crypto_auth.js new file mode 100644 index 0000000..a279a29 --- /dev/null +++ b/crypto_auth.js @@ -0,0 +1,35 @@ +/* eslint-disable camelcase */ +const { crypto_verify_32 } = require('./crypto_verify') +const Sha512 = require('sha512-universal') +const assert = require('nanoassert') + +const crypto_auth_BYTES = 32 +const crypto_auth_KEYBYTES = 32 + +function crypto_auth (out, input, k) { + assert(out.byteLength === crypto_auth_BYTES, "out should be 'crypto_auth_BYTES' in length") + assert(k.byteLength === crypto_auth_KEYBYTES, "key should be 'crypto_auth_KEYBYTES' in length") + + const out0 = new Uint8Array(64) + const hmac = Sha512.HMAC(k) + hmac.update(input) + hmac.digest(out0) + + out.set(out0.subarray(0, 32)) +} + +function crypto_auth_verify (h, input, k) { + assert(h.byteLength === crypto_auth_BYTES, "h should be 'crypto_auth_BYTES' in length") + assert(k.byteLength === crypto_auth_KEYBYTES, "key should be 'crypto_auth_KEYBYTES' in length") + + const correct = Sha512.HMAC(k).update(input).digest() + + return crypto_verify_32(h, 0, correct, 0) +} + +module.exports = { + crypto_auth_BYTES, + crypto_auth_KEYBYTES, + crypto_auth, + crypto_auth_verify +} diff --git a/index.js b/index.js index 48a88bb..980fdd6 100644 --- a/index.js +++ b/index.js @@ -12,6 +12,7 @@ forward(require('./randombytes')) forward(require('./memory')) forward(require('./helpers')) forward(require('./crypto_verify')) +forward(require('./crypto_auth')) forward(require('./crypto_box')) forward(require('./crypto_generichash')) forward(require('./crypto_hash')) diff --git a/package.json b/package.json index 766c98a..eada135 100644 --- a/package.json +++ b/package.json @@ -7,8 +7,8 @@ "blake2b": "^2.1.1", "chacha20-universal": "^1.0.4", "nanoassert": "^2.0.0", - "sha256-universal": "^1.0.1", - "sha512-universal": "^1.0.1", + "sha256-universal": "^1.1.0", + "sha512-universal": "^1.1.0", "siphash24": "^1.0.1", "xsalsa20": "^1.0.0" },